<div align="Center"> 
<p><b>Lesson Plan Title:</b> How to Perform Forced Browsing Attacks. </p>
 </div>
 
<p><b>Concept / Topic To Teach:</b> </p>
How to Exploit Forced Browsing.
 <br> 
<div align="Left"> 
<p>
<b>How the attacks works:</b>
</p>
Forced browsing is a technique used by attackers to gain access to resources that are not referenced, but are nevertheless accessible. 

One technique is to manipulate the URL in the browser by deleting sections from the end until an unprotected directory is found
</div>
<p><b>General Goal(s):</b> </p>
<!-- Start Instructions -->
* Your goal should be to try to guess the URL for the "config" interface.<br>
* The "config" URL is only available to the maintenance personnel.<br>
* The application doesn't check for horizontal privileges.
<!-- Stop Instructions -->
